Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2008-0241
Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
4.3
CVSSv2
CVE-2009-1796
Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote malicious users to inject arbitrary web script or HTML via vectors related to an error page.
Sun Java System Portal Server 6.3.1
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
4.3
CVSSv2
CVE-2008-5114
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
6.8
CVSSv2
CVE-2008-5115
Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to hijack the authentication of administrators for requests that update the password via idm/admin/changeself.jsp.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
1 EDB exploit
7.8
CVSSv2
CVE-2008-5116
Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ex...
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
6.4
CVSSv2
CVE-2008-5117
Open redirect vulnerability in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
4.3
CVSSv2
CVE-2008-5118
Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
4.3
CVSSv2
CVE-2009-4187
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
Sun Java System Portal Server 6.3.1
7.5
CVSSv2
CVE-2008-1995
Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote malicious users to bypass intended access restrictions for the server.
Sun Java System Directory Server 6.0
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.2
5
CVSSv2
CVE-2004-2216
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and previous versions and 6.1 SP1 and previous versions, and Application Server 7 Update 4 and previous versions, allows remote malicious users to cause a denial of service (crash) via a malformed client certificate.
Sun Java System Application Server 7.0
Sun Java System Web Server 6.1
Sun Java System Web Server 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »